Santiago Hurtado

---

Professional Profile

Principal Architect defining Infrastructure-as-a-Product strategy and technical governance for cloud-native edge infrastructure. I establish lean architectural blueprints bridging embedded Linux constraints with Kubernetes operations, delivering secure, autonomous systems aligned with IEC 62443, CRA, and NIS2.

---

Career Highlights

• Global Edge Deployment at Scale: Architected an automated GitOps and OTA provisioning pipeline that reduced remote device onboarding from days to minutes.
• Enterprise Kubernetes Platform Design: Designed a Kubernetes Operator for enterprise-grade MQTT messaging infrastructure, introducing zero-downtime rolling upgrades.
• Monolith-to-Platform Transformation: Led the architectural strategy to decompose a 15M+ LOC legacy monolith into a secure, containerised architecture.
• Security-by-Design at the Edge: Implemented Zero Trust architecture principles and IEC 62443-aligned controls to harden distributed edge operations.

---

Technical Core

Edge & Systems : Yocto Project, Mender, IoT Edge, SoC Optimization (ARM/x86), Embedded Linux.

Orchestration & Cloud : Kubernetes (k3s, RKE2), FluxCD, Docker, Terraform, Multi-Cloud Strategy.

Data & Messaging : MQTT, gRPC, AMQP, VictoriaMetrics, Grafana, PostgreSQL.

Governance & Security : Zero Trust Architecture, NIS2, CRA, IEC 62443, Threat Modeling.

Languages : Go, Python, Java, C++, Bash.

---

Architecture Principles

• Keep systems lean: Use the smallest architecture that solves the business problem.
• Design for failure: Prioritize autonomous recovery, safe rollout/rollback, and observable operations.
• Build security into the platform: Implement identity-first controls, segmentation, and lifecycle hardening from day one.
• Create durable boundaries: Preserve adaptability as products, hardware, and teams evolve.

---

For professional recommendations and a full career history, please visit my LinkedIn profile.